Overview

File _patchinfo of Package patchinfo.18202

<patchinfo incident="18202">
  <category>security</category>
  <rating>important</rating>
  <issue id="1217614" tracker="bnc">VUL-0: CVE-2023-6350: libavif,chromium,ungoogled-chromium: Out of bounds memory to alphaItemIndices</issue>
  <issue id="1217615" tracker="bnc">VUL-0: CVE-2023-6351: libavif,chromium,ungoogled-chromium: use-after-free in colorProperties</issue>
  <issue id="1217616" tracker="bnc">VUL-0: chromium,ungoogled-chromium: multiple vulnerabilities fixed in 119.0.6045.199</issue>
  <issue id="2023-6345" tracker="cve" />
  <issue id="2023-6346" tracker="cve" />
  <issue id="2023-6347" tracker="cve" />
  <issue id="2023-6348" tracker="cve" />
  <issue id="2023-6350" tracker="cve" />
  <issue id="2023-6351" tracker="cve" />
  <packager>AndreasStieger</packager>
  <summary>Security update for chromium</summary>
  <description>
This update for Chromium fixes the following issue:

Chromium 119.0.6045.199 (boo#1217616)

* CVE-2023-6348: Type Confusion in Spellcheck
* CVE-2023-6347: Use after free in Mojo
* CVE-2023-6346: Use after free in WebAudio
* CVE-2023-6350: Out of bounds memory access in libavif (boo#1217614)
* CVE-2023-6351: Use after free in libavif (boo#1217615)
* CVE-2023-6345: Integer overflow in Skia
* Various fixes from internal audits, fuzzing and other initiatives.
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places